Re: [iwar] [fc:Are.Hacking.Defenses.Winning.the.War?]

From: e.r. (fastflyer28@yahoo.com)
Date: 2002-07-22 21:36:18


Return-Path: <sentto-279987-5026-1027398981-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Mon, 22 Jul 2002 21:45:17 -0700 (PDT)
Received: (qmail 32278 invoked by uid 510); 23 Jul 2002 04:35:30 -0000
Received: from n34.grp.scd.yahoo.com (66.218.66.102) by all.net with SMTP; 23 Jul 2002 04:35:30 -0000
X-eGroups-Return: sentto-279987-5026-1027398981-fc=all.net@returns.groups.yahoo.com
Received: from [66.218.67.192] by n34.grp.scd.yahoo.com with NNFMP; 23 Jul 2002 04:36:21 -0000
X-Sender: fastflyer28@yahoo.com
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-8_0_7_4); 23 Jul 2002 04:36:20 -0000
Received: (qmail 35048 invoked from network); 23 Jul 2002 04:36:19 -0000
Received: from unknown (66.218.66.217) by m10.grp.scd.yahoo.com with QMQP; 23 Jul 2002 04:36:19 -0000
Received: from unknown (HELO web14508.mail.yahoo.com) (216.136.224.71) by mta2.grp.scd.yahoo.com with SMTP; 23 Jul 2002 04:36:19 -0000
Message-ID: <20020723043618.45030.qmail@web14508.mail.yahoo.com>
Received: from [68.100.117.184] by web14508.mail.yahoo.com via HTTP; Mon, 22 Jul 2002 21:36:18 PDT
To: iwar@yahoogroups.com, Information Warfare Mailing List <iwar@onelist.com>
In-Reply-To: <200207230347.g6N3l6W05637@red.all.net>
From: "e.r." <fastflyer28@yahoo.com>
X-Yahoo-Profile: fastflyer28
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Mon, 22 Jul 2002 21:36:18 -0700 (PDT)
Subject: Re: [iwar] [fc:Are.Hacking.Defenses.Winning.the.War?]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, hits=-0.2 required=5.0 tests=IN_REP_TO,FROM_ENDS_IN_NUMS,RISK_FREE,FREE_MONEY version=2.20
X-Spam-Level: 

They may not be winning the war, but they have grown far from be a
nuisance and are a growing threat to the finacial wellbeging of both
private or public sector organizations.  They are not wining, but they
are scoring points and that is bad for all parties involved.
Good question.
--- Fred Cohen <fc@all.net> wrote:
> Are Hacking Defenses Winning the War?
> <a
>
href="http://www.newsfactor.com/perl/story/18663.html">http://www.newsfactor.com/perl/story/18663.html>
> Newsfactor Network
> 
> By Tim McDonald NewsFactor Network  July 18, 2002
> 
> DoS attacks remain the most common threat. But, according to security
> experts, DoS attacks do not necessarily present the same kind of
> threat
> to national infrastructure that they once did.
> 
> 
> Learn how the right management practices can speed the enablement of
> e-business enterprises, while providing continuous availability,
> flexibility and scalability. Get a copy of the IBM white paper,
> "Infrastructure Resource Management: A Holistic Approach" today at
> www.ibm.com.
> 
> 
> The problem with hack attacks these days is that they are no longer
> easily recognizable. Like snipers, they hide in the shadows. They can
> also disguise themselves as something else.
> 
> "We can no longer say, OK, there's a neat box called viruses and
> there's
> a neat box called hackers and there's a neat box called spam," Sam
> Curry, security architect of antivirus company McAfee (Nasdaq: MCAF)
> told NewsFactor.
> 
> "All the tools are available to anybody out there who wants to
> potentially hurt people, companies or the Internet at large."
> 
> Of course, security companies have vested interests in publicizing
> computer crimes, hoaxes and scams, but there are a number of
> independent
> confirmations that computer crime continues to grow.
> 
> 'Incidents' Soaring
> 
> The federally funded Computer Emergency Response Team (CERT) reports
> that "incidents" -- which includes anything from a single host
> computer
> being hacked to hundreds of thousands of affected sites -- are on the
> upswing.
> 
> Reported incidents have increased from six in 1988 to more than
> 52,600
> in 2001, and we are on pace to break that again this year. Already in
> 2002, more than 26,800 incidents have been reported.
> 
> Vulnerabilities reported last year numbered 2,437, twice that of the
> previous year. And in the first quarter of this year, 1,065
> vulnerabilities were reported. Security alerts are also up, from 26
> in
> 2000 to 41 last year, with nine in the first quarter of 2002.
> 
> Methodologies Improving
> 
> DoS attacks remain the most common threat. These involve brute force
> and
> require more than a simple firewall to mitigate them. Experts point
> out
> that network processors using separate hardware devices are needed to
> blunt high-speed DoS attacks.
> 
> Still, DoS attacks don't necessarily present the same kind of threat
> to
> national infrastructure that they once did.
> 
> "They continue, but the methodologies for mitigating them have
> improved," Stephen Nesbitt, a NASA computer crime investigator, told
> NewsFactor.
> 
> "DoS [attacks] require a variety of systems to target a domain,"
> Nesbitt
> said. "Usually, systems are compromised for the purpose of creating a
> network. The larger the network, the larger the bandwidth, the more
> danger they can do downstream. And you can compound that by adding
> other
> kinds of attacks."
> 
> Web Services Vulnerable
> 
> Consumer security companies maintain the threat is growing. "NASA is
> thinking of national critical systems and their exposure," McAfee's
> Curry said. And as they grow in popularity, Web services are
> particularly vulnerable.
> 
> "If you're a business, you cannot afford to have transactions
> slowed,"
> said Curry. "If you're a home user, you can't afford to have
> bandwidth
> unavailable."
> 
> "Web services can't be riding really close to the line," Curry said.
> "They have to be very careful they're not near their maximum capacity
> most of the time, because if they get [a DoS attack] their service
> will
> go down, their servers will be damaged and their revenue will get
> hit."
> 
> Hybrids on Rise
> 
> The Nimda virus, which hit last September 18th, drove Internet
> traffic
> levels up worldwide -- in some places to the point where Internet
> service providers and broadband  providers could not secure service.
> 
> "As people turn more and more to the Internet to do more things,
> their
> computers are doing more than just e-mail and Internet," Curry said.
> "They're doing file-sharing, chats, interacting in more ways and
> they're
> doing it faster. I would say the more you interact and the faster you
> do
> it, the more likely you are to get infected or attacked."
> 
> Curry said hackers are using more tools to daze and confuse victims.
> 
> "We're seeing more hybrid threats, combinations of virus tools and
> hacker tools that can potentially take over systems," he said.
> "They're
> part virus/worm, part remote control Trojan. We're starting to see
> that
> spam is more than just a nuisance now -- it's also a major security
> threat."
> 
> Spammers are Cheap
> 
> Perpetrators of fraud send fake virus alerts, posing as antivirus
> companies. When users click to get protection, they find themselves
> giving their credit card numbers to buy nonexistent virus protection.
> 
> "The expense of doing spam is so low, criminals anywhere in relative
> anonymity can use that as a tool to take advantage of people, steal
> their identification, harass them and potentially steal from them,"
> said
> Curry.
> 
> And Kevin Houle, one of the authors of a CERT white paper on the
> subject
> of DoS attacks, told NewsFactor, "The problem of denial-of-service is
> fundamentally ingrained in the way that the Internet is built."
> 
> "The Internet is comprised of limited, consumable resources. Thus,
> it's
> possible [for hackers] to consume those resources. That's not likely
> to
> change any time in the near future."
> 
> According to the experts, then, the safest course of action is to
> assume
> that DoS and similar attacks are here to stay, to take the
> appropriate
> defensive measures -- however ineffective they may prove to be.
> 


__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Free $5 Love Reading
Risk Free!
http://us.click.yahoo.com/NsdPZD/PfREAA/Ey.GAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:31 PDT